INVENTOR-INFORMATION:
NAME CITY STATE ZIP CODE COUNTRY
Downs; Edgar Fort Lauderdale FL
Gruse; George Gregory Lighthouse Point FL
Hurtado; Marco M. Boca Raton FL
Lehman; Christopher T. Delray Beach FL
Milsted; Kenneth Louis Boynton Beach FL
Lotspiech; Jeffrey B. San Jose CA

CROSS-REFERENCE TO RELATED APPLICATIONS

This non-provisional application claims subject matter that is technically related
to the following applications that are commonly assigned herewith to International
Business Machines (IBM).

ATTORNEY DOC. NO. | APPLICATION SERIAL NO. | TITLE OF THE INVENTION | INVENTOR(S)
SE9-98-006 | 09/152,756 | Secure Electronic Content Management | Kenneth L. Milsted; George Gregory Gruse; Marco M. Hurtado; Edgar Downs; Cesar Medina
SE9-98-007 | 09/209,440 | Multimedia Player Toolkit | George Gregory Gruse; John J. Dorak, Jr.; Kenneth L. Milsted
SE9-98-008 | 09/241,276 | Multimedia Content Creation System | Kenneth L. Milsted; Qing Gong; Edgar Downs
SE9-98-009 | 09/177,096 | System for Tracking End-User Electronic Content | George Gregory Gruse; John J. Dorak, Jr.; Kenneth L. Milsted
SE9-98-010 | 09/203,307 | Key Management System for End-User Digital Player | Jeffrey B. Lotspiech; Marco M. Hurtado; George Gregory Gruse; Kenneth L. Milsted
SE9-98-011 | 09/208,774 | Multi-media player for an Electronic Content Delivery System | Marco M. Hurtado; George Gregory Gruse; Edgar Downs; Kenneth L. Milsted
SE9-98-013 | 09/203,306 | A method to identify CD content | Kenneth L. Milsted; Craig Kindell; Qing Gong
SE9-98-014 | 09/203,315 | Toolkit for delivering electronic content from an Online store | Richard Spagna; Kenneth L. Milsted; David P. Lybrand; Edgar Downs
SE9-98-015 | 09/201,622 | A method and apparatus to automatically create encode audio | Kenneth L. Milsted; Kha Kinh Nguyen; Qing Gong
SE9-98-016 | | A method and apparatus to indicate an encoding rate for audio | Kenneth L. Milsted; Qing Gong

OTHER PUBLICATIONS

J. Linn, "Privacy Enhancement for Internet Electronic Mail: Part I: Message
Encryption and Authentication Procedures", RFC 1421, Feb. 1993, pp. 1-37.

S. Kent, "Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-
Based Key Management", RFC 1422, Feb. 1993, pp. 1-28.

D. Balenson, "Privacy Enhancement for Internet Mail: Part III: Algorithms, Modes,
and Identifiers", RFC 1423, Feb. 1993, pp. 1-13.

B. Kaliski, "Privacy Enhancement for Internet Electronic Mail: Part IV: Key
Certification and Related Services", RFC 1424, Feb. 1993, pp. 1-8.

ART-UNIT: 274 

PRIMARY-EXAMINER: Trammell; James P. 
ASSISTANT-EXAMINER: Nguyen; Nga B. 

ATTY-AGENT-FIRM: Meyers; Steven J. Soucar; Steven J. Fleit, Kain, Gibbons, Gutman &
Bongini P.L.

ABSTRACT: 

Disclosed is a method and apparatus of securely providing data to a user's system.
The data is encrypted so as to only be decryptable by a data decrypting key, the
data decrypting key being encrypted using a first public key, and the encrypted
data being accessible to the user's system, the method comprising the steps of:
transferring the encrypted data decrypting key to a clearing house that possesses a
first private key, which corresponds to the first public key; decrypting the data
decrypting key using the first private key; re-encrypting the data decrypting key
using a second public key; transferring the re-encrypted data decrypting key to the
user's system, the user's system possessing a second private key, which corresponds
to the second public key; and decrypting the re-encrypted data decrypting key using
the second private key.

26 Claims, 20 Drawing figures 
TITLE: Electronic content delivery system



Application Filing Date (1) : 
19980813 



Detaile 



Either 
encrypt 




Key Identifier 
Te part o 



.xt (146) : 

o indicate the public encryption key that was used to 



ncrypted symmetric key that, when decrypted, is used to 
decrypt the encrypted part . 

Detailed Description Text (175): 

Watermarking Instructions--A part that contains the encrypted instructions and
parameters for implementing watermarking in the Content 113. The watermarking
instructions may be modified by the Clearinghouse(s) 105 and returned back to the
End-User Device(s) 109 within the License SC(s) 660. There is a record in the Key
Description part that defines the encryption algorithm that was used to encrypt the
watermarking instructions, the output part name to use when the watermarking
instructions are decrypted, a base64 encoding of the encrypted Symmetric Key 623
bitstring that was used to encrypt the watermarking instructions, the encryption
algorithm that was used to encrypt the Symmetric Key 623, and the identification of
the public key that is required to decrypt the Symmetric Key 623.



705/1

Current US Cross Reference Classification
705/51

Current US Cross Reference Classification (11)
705/57

Current US Cross Reference Classification (12)
705/59

L27: Entry 1 of 1 



File: USPT 



Jan 8, 2002 



DOCUMENT-IDENTIFIER: US 6337912 B1

TITLE: Method of and system for writing-in key information 

Application Filing Date (1) : 
19970819 

CLAIMS: 

5. A system for securely transforming a data carrier remotely into a key associated 
with a particular object identified by object information, comprising; 

a data carrier having a data carrier memory for storing secret identification 
information of said data carrier that is not externally accessible and for also 
storing open further identification information of said data carrier that is 
externally accessible; 

a central station having a central station memory for storing said secret 
identification information in association with said open identification information 
and for storing said object information and key information in association with 
said object information; 

a remote station for retrieving said further identification information from said 
data carrier memory and for entering said object information; 

said remote station including a first encryption section for encrypting said 
entered object information with said retrieved further identification information 
to produce first encrypted object information, and a second encryption section 
using an asymmetrical encryption/decryption process having a public encryption key 
stored at said remote station and a corresponding secret decryption key stored at
said central station for further encrypting said first encrypted object information 
to produce second encrypted object information; 

said remote station transmitting and said central station receiving said second 
encrypted object information and said retrieved further identification information; 

said central station further including a first decryption section for decrypting
said received second encrypted object information with said stored secret
decryption key to recreate said first encrypted object information and a second 
decryption section for further decrypting said recreated first encrypted object 
information with said received further identification information to recreate said 
object information; 

said central station retrieving said secret identification information associated 
with said further identification information and retrieving said key information 
associated with said recreated object information;

said central station further including an encryption section for encrypting said
retrieved key information with said retrieved secret identification information,
said central station transmitting and said remote station receiving said encrypted
key information;

said remote station retrieving said stored secret identification information and
including a decryption section for decrypting said received encrypted key
information with said retrieved secret identification information to recreate said
key information; and

said remote station storing said recreated key information in said data carrier to 
transform said data carrier into said key associated with said particular object.
File: USPT



Jan 8, 2002 



US-PAT-NO: 6337912 

DOCUMENT-IDENTIFIER: US 6337912 B1

TITLE: Method of and system for writing-in key information 
DATE-ISSUED: January 8, 2002 



INVENTOR-INFORMATION:
Buhr; Wolfgang Hamburg
Horner; Helmut Hamburg

NAME CITY STATE ZIP CODE COUNTRY TYPE CODE
U.S. Philips Corporation New York NY 02

DATE FILED: August 19, 1997

FOREIGN-APPL-PRIORITY-DATA:
COUNTRY APPL-NO APPL-DATE
DE 196 33 802 August 22, 1996



INT-CL: [07] HOi L 9/11, IIM L 1/00, H04 K ^/OO 

US-CL-ISSUED: 380/279; 380/260, 713/185 
PAT-NO ISSUE-DATE PATENTEE-NAME US-CL
5745571 April 1998 Zuk 380/21
5838251 November 1998 Brinkmeyer et al. 340/825.31
5959276 September 1999 Iijima 235/380



ART-UNIT: 2131 

PRIMARY-EXAMINER: Hayes; Gail 
ASSISTANT-EXAMINER: DiLorenzo; Anthony 
ATTY-AGENT-FIRM: Mak; Theo 

ABSTRACT: 

In order to unambiguously allocate a data carrier to an object, key information is 
written into the data carrier. Before writing-in the key information, secret 
identification information and open identification information is written into the 
data carrier. Copies of the secret and open information are stored in a central 
station. In the central station, for a particular data carrier, the open and secret 
information is associated with each other. In addition thereto, in the central 
station, object information for the particular object, and key information for the 
object are associated with each other. From the data carrier, the open 
identification information is sent to the central station to access the associated 
stored open and secret identification information so as to retrieve the stored 
secret identification information. In addition thereto, object information is sent 
to the central station to access the associated stored object and key information 
so as to retrieve the stored key information. The retrieved key information is
encrypted with the retrieved secret identification information and the encrypted 
key information is sent to the data carrier. In the data carrier, the received 
encrypted key information is decrypted. The decrypted key information is written 
into the data carrier. 

8 Claims, 1 Drawing figures 
File: USPT

DOCUMENT-IDENTIFIER: US 6337912 B1

TITLE: Method of and system for writing-in key information



Application Filing Date (1): 
19970819 

CLAIMS : 

5. A system for securely transforming a data carrier remotely into a key associated 
with a particular object identified by object information, comprising; 

a data carrier having a data carrier memory for storing secret identification 
information of said data carrier that is not externally accessible and for also 
storing open further identification information of said data carrier that is 
externally accessible; 

a central station having a central station memory for storing said secret 
identification information in association with said open identification information 
and for storing said object information and key information in association with 
said object information; 

a remote station for retrieving said further identification information from said
data carrier memory and for entering said object information; 

said remote station including a first encryption section for encrypting said 
entered object information with said retrieved further identification information 
to produce first encrypted object information, and a second encryption section 
using an asymmetrical encryption/decryption process having a public encryption key 
stored at said remote station and a corresponding secret decryption key stored at
said central station for further encrypting said first encrypted object information 
to produce second encrypted object information; 

said remote station transmitting and said central station receiving said second 
encrypted object information and said retrieved further identification information; 



said central station further including a first decryption section for decrypting
said received second encrypted object information with said stored secret 
decryption key to recreate said first encrypted object information and a second 
decryption section for further decrypting said recreated first encrypted object 
information with said received further identification information to recreate said 
object information; 

said central station retrieving said secret identification information associated 
with said further identification information and retrieving said key information
associated with said recreated object information; 

said central station further including an encryption section for encrypting said 
retrieved key information with said retrieved secret identification information,
said central station transmitting and said remote station receiving said encrypted
key information; 

said remote station retrieving said stored secret identification information and 
including a decryption section for decrypting said received encrypted key 
information with said retrieved secret identification information to recreate said 
key information; and 

said remote station storing said recreated key information in said data carrier to 
transform said data carrier into said key associated with said particular object. 
Application Filing Date (1):
19970903 



Current US Original Classification (1) : 
705/50 

Current US Cross Reference Classification (1):
705/1 
CLAIMS:

2. A program data distribution method for use with an open network comprising the 
steps of: issuing an identification code corresponding to program data, an 
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key;
distributing program data encrypted by the encryption key from a file server 
connected to said open network; distributing a decryption key from a key server 
connected to said open network, said decryption key used to decode said encrypted 
program data; and employing said decryption key distributed by said key server to 
decode said encrypted program data obtained from said file server by a terminal, 
which is connected to said open network for processing program data, wherein, at 
the step of distributing encrypted program data, the identification code is 
transmitted along with the program data to the terminal, the terminal transmits the 
received identification code to the key server, and based on the identification
code, the key server searches for a decryption key used to decrypt the program data
and transmits the decryption key to the terminal.

8. A program data distribution method, for use with an open network, comprising the 
steps of; issuing an identification code corresponding to program data, an 
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key; 
distributing program data encrypted by the encryption key from a file server 
connected to said open network; downloading said encrypted program data, which is 
distributed by said file server, at a terminal that is connected to said open 
network and processes said program data; distributing a decryption key from a key 
server connected to said open network, said decryption key used to decode said 
encrypted program data that is transmitted by said file server; and employing, at
said terminal, said decryption key received from said key server to decode said
encrypted program data that is downloaded, wherein at the step of distributing

encrypted program data the identification code is distributed along with the 
program data, at the step of downloading the identification code is transmitted to 
the key server, and at the step of distributing a decryption key the identification 
code is employed by the key server to search for a decryption key that is used to
decode the program data.

16. A program data distribution system for use with an open network comprising: a
manager for issuing an identification code corresponding to program data, an
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key; a file 
server, connected to said open network and holding distribution rights for the 
program data based on a contract with said manager, for encrypting program data by 
the encryption key issued from the manager and distributing the encrypted program 
data along with the corresponding identification code; a key server, connected to 
said open network, and independent from the file server, for distributing the
decryption key issued by said manager; and a terminal, connected to said open 
network, for receiving the encrypted program data along with the corresponding 
identification code from the file server, and obtaining the decryption key
corresponding to the identification code from the key server to decode and process
the encrypted program data.
ART-UNIT: 3621

PRIMARY-EXAMINER: Trammell; James P. 
ASSISTANT-EXAMINER: Hewitt; Calvin 

ATTY-AGENT-FIRM: Dickstein Shapiro Morin & Oshinsky LLP 
ABSTRACT: 

When program data is distributed to users across an open network, such as the 
Internet, a licensing agreement concluded between a server for the program data and 
a manager is maintained and the unauthorized copying of program data is prevented. 
Therefore, to fulfill such the situation, a program data distribution system 
includes an open network; a file server, connected to the open network, for 
distributing encrypted program data; a key server, connected to the open network, 
for distributing a decryption key used to decode the encrypted program data; and a 
terminal, connected to the open network, for processing program data, the terminal 
employing the decryption key distributed by the key server to decode the encrypted 
program data obtained from the file server. 

22 Claims, 4 Drawing figures 
The issuer equipment 100 retrieves the common key K corresponding to the
identification number KID from the storage device 110, extracts the key PKUi, the 
identification number KID and the amount x by decryption with the common key K, and 
increments the balance counter EBC by x. Further, the issuer equipment 100 attaches 
its signature to a pair of the key PKUi and the amount x using the issuer secret 
key SKI to obtain SKI (PKUi, x), then encrypts it with the common key K to obtain K
(SKI (PKUi, x)), and sends it intact (in FIG. 20) to the bank 200 or together with 
the issuer signature generated using the secret key SKI (in FIG. 24). 

Current US Cross Reference Classification (1):
705/1 
CLAIMS:

11. The method of claim 1 or 2, wherein said electronic cash system further 
comprises a bank equipment as an institution for managing an account of each user, 
and said method comprises: user registration procedure wherein: said user equipment
generates a common key, then encrypts a signature verifying public key and said
common key as a pseudonym of said user with an issuer public key, and sends said
encrypted pseudonym to said bank equipment together with user identification 
information IdU; said bank equipment stores said user identification information 
IdU and said encrypted pseudonym, and sends said encrypted pseudonym to said issuer 
equipment; said issuer equipment decrypts said encrypted data from said bank 
equipment with an issuer secret key to extract said pseudonym and said common key,
then adds an identifier for said common key as common key information KID, then 
stores said pseudonym and said encrypted pseudonym, and at the same time, stores 
said common key information KID and said common key in correspondence with each 
other, then generates an issuer signature for said pseudonym as a license, then 
encrypts said license and said common key information KID with said common key to 
obtain an encrypted license, and sends said encrypted license to said bank 
equipment; and said bank equipment sends said encrypted information received from 
said issuer equipment to said user equipment; and said user equipment decrypts said 
encrypted license with said common key to extract said license and said common key 
information KID, and stores them; electronic cash issuing procedure wherein: said 
user equipment encrypts its pseudonym and its requested amount of withdrawal with 
said common key to obtain an encrypted pseudonym, and sends said common key 
information KID and said encrypted pseudonym to said bank equipment together with 
user identification information IdU and said requested amount; said bank equipment 
reduces the balance in an account of said user in response to said request from 
said user equipment, and sends to said issuer equipment said requested amount, said
encrypted pseudonym and said common key information KID received from said user
equipment; said issuer equipment retrieves said common key corresponding to said
common key information KID received from said bank equipment, decrypts said 
received encrypted pseudonym with said common key to extract said user pseudonym, 
then generates as electronic cash an issuer signature for said user pseudonym and 
said requested amount, then encrypts said electronic cash with said common key, 
then increments said electronic cash balance counter corresponding to said user 
pseudonym by the amount of said encrypted electronic cash, and sends said encrypted
electronic cash to said bank equipment; said bank equipment sends said encrypted 
electronic cash to said user equipment; and said user equipment decrypts said 
encrypted electronic cash with said common key, verifies the validity of said 
issuer signature of said electronic cash, and if valid, increments said user 
balance counter by the amount of said electronic cash received from said bank 
equipment without storing the electronic cash; and electronic cash payment 
procedure wherein: said user equipment decrements said balance counter by the
amount due, generates a user signature therefor, and sends said user signature to 
said shop equipment together with said license and said user pseudonym. 



L24: Entry 2 of 4 



File: USPT 



Mar 25, 2003 



US-PAT-NO: 6539364 

DOCUMENT-IDENTIFIER: US 6539364 B2 

TITLE: Electronic cash implementing method and equipment using user signature and 
recording medium recorded thereon a program for the method 

DATE-ISSUED: March 25, 2003 



INVENTOR-INFORMATION:
NAME CITY STATE ZIP CODE COUNTRY
Moribatake; Hidemi Tokyo JP
Okamoto; Tatsuaki Tokyo JP


ASSIGNEE-INFORMATION: 

NAME CITY STATE ZIP CODE COUNTRY TYPE CODE 

Nippon Telegraph and Telephone Corporation Tokyo JP 03

APPL-NO: 09/219447
DATE FILED: December 23, 1998 



FOREIGN-APPL-PRIORITY-DATA:
COUNTRY APPL-NO APPL-DATE
JP 9-359106 December 26, 1997



INT-CL: [07] G06 F 17/60 

US-CL-ISSUED: 705/69; 705/1, 705/50, 705/64, 705/65, 705/66, 705/67, 705/68, 
705/76, 705/78 

US-CL-CURRENT: 705/69; 705/1, 705/50, 705/64, 705/65, 705/66, 705/67, 705/68, 
705/76, 705/78 

FIELD-OF-SEARCH: 705/1, 705/78, 705/35, 705/39, 705/41, 705/50, 705/53, 705/64, 
705/65, 705/76, 705/75, 380/4, 380/23, 380/24, 380/25, 380/30, 380/21 

PRIOR-ART-DISCLOSED: 



U.S. PATENT DOCUMENTS

PAT-NO ISSUE-DATE PATENTEE-NAME US-CL
5536923 July 1996 Foglino 235/380
5696827 December 1997 Brands 380/30
5889862 March 1999 Ohta et al. 380/24
5901229 May 1999 Fujisaki et al. 380/30
5926548 July 1999 Okamoto 380/24
6164528 December 2000 Hills et al. 235/379
6209095 March 2001 Anderson et al. 713/176

FOREIGN PATENT DOCUMENTS

FOREIGN-PAT-NO PUBN-DATE COUNTRY
0 772 165 May 1997 EP
0 807 910 November 1997 EP
0 810 563 December 1997 EP
0 810 563 January 2000 EP
03-073065 March 1991 JP
03-092966 April 1991 JP
09006880 January 1997 JP
WO 97 08870 March 1997 WO



OTHER PUBLICATIONS 

Tyler, Geoff, "The cashless revolution", Management Services, v39n6 pp: 26-27 Jun.
1995. *

Hidemi Moribatake et al., SCIS97-3C (Symposium on Cryptography and Information
Security), 1997, pp. 1-8, Electronic Cash Scheme.

XP 000567597; Electronic Cash on the Internet by Stefan Brands.

Brands, S., "Off-Line Cash transfer by Smart Cards," Centrum Voor Wiskunde en
Informatica Report, No. CS-R9455, Jan. 1, 1994, pp. 1-16.

Camenisch, J., et al., "An Efficient Fair Payment System," 3rd ACM Conf. on
Computer and Communications Security, New Delhi, Mar. 14-16, 1996, No. Conf. 3,
Mar. 14, 1996, pp. 88-94.

New Electronic Money System NTT Review, vol. 8, No. 6, Nov. 1, 1996, p. 4.

Zuzuki, M., et al., "Electronic Cash System," NTT Review, vol. 8, No. 4, Jul. 1,
1996, pp. 10-15.

ART-UNIT: 3621 

PRIMARY-EXAMINER: Sough; Hyung-Sub 
ASSISTANT-EXAMINER: Hewitt, II; Calvin L 
ATTY-AGENT-FIRM: Connolly Bove Lodge & Hutz LLP 



ABSTRACT: 



A user registers a user public key PKU as a pseudonym at a trustee or issuer and
obtains a signature for the pseudonym as a license. The user sends the pseudonym PKU,
identification information IdU and the amount of withdrawal x to the issuer
institution. The issuer increments a balance counter of the pseudonym by x, then 
generates an issuer signature SKI (PKU, x) with a secret key SKI, and sends the 
issuer signature as an electronic cash to the user. The user verifies the validity 
of the issuer signature with a public key SKI, and if valid, increments an 
electronic cash balance counter Balance by x. At the time of payment, user sends 
the public key PKU and the license to a shop, and the shop verifies the validity of
the license, and if valid, sends a challenge to the user. The user attaches a 
signature to the challenge with user secret key SKU, then sends it to the shop 
together with the amount due y, and decrements the electronic cash balance counter 
by y. 

25 Claims, 30 Drawing figures 
Detailed Description Text (25):

The terminal information setting portion 251 assigns the terminal encryption key
and the coefficient of basic charge for the terminal 3 which generated the
initialization command, and then stores in the terminal information storing portion
252 the identifier and the terminal information of the terminal 3 which are
included in the initialization command and the assigned coefficient of basic charge
and terminal encryption key (refer to FIG. 4 and FIG. 5). As described above, the
terminal information setting portion 251 generates a terminal decryption key
corresponding to the assigned terminal encryption key, and then generates and
outputs a key assignment command to the server I/F 24. The key assignment command
includes the identifier of the terminal 3 which generated the above initialization
command and the terminal decryption key generated for the terminal 3, being
outputted to the local bus 5 by the server I/F 24 and being inputted to the
terminal I/F 32 of the terminal 3 which generated the above initialization command.
The terminal I/F 32 outputs the inputted key assignment command to the terminal
decrypting portion 34. The terminal decrypting portion 34 extracts the terminal
decryption key included in the inputted key assignment command, and then stores the
extracted terminal decryption key in its internal memory. The initialization is
thereby completed, allowing the terminal 3 to generate a request for pay
information.

Current US Original Classification (1) : 
705/1 

Current US Cross Reference Classification (3) : 
Current US Cross Reference Classification (4):
705/51

CLAIMS:

2. A program data distribution method for use with an open network comprising the 
steps of: issuing an identification code corresponding to program data, an 
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key; 
distributing program data encrypted by the encryption key from a file server 
connected to said open network; distributing a decryption key from a key server 
connected to said open network, said decryption key used to decode said encrypted 
program data; and employing said decryption key distributed by said key server to 
decode said encrypted program data obtained from said file server by a terminal, 
which is connected to said open network for processing program data, wherein, at 
the step of distributing encrypted program data, the identification code is 
transmitted along with the program data to the terminal, the terminal transmits the 
received identification code to the key server, and based on the identification 
code, the key server searches for a decryption key used to decrypt the program data 
and transmits the decryption key to the terminal. 

8. A program data distribution method, for use with an open network, comprising the 
steps of; issuing an identification code corresponding to program data, an 
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key; 
distributing program data encrypted by the encryption key from a file server 
connected to said open network; downloading said encrypted program data, which is 
distributed by said file server, at a terminal that is connected to said open 
network and processes said program data; distributing a decryption key from a key 
server connected to said open network, said decryption key used to decode said 
encrypted program data that is transmitted by said file server; and employing, at
said terminal, said decryption key received from said key server to decode said
encrypted program data that is downloaded, wherein at the step of distributing
encrypted program data the identification code is distributed along with the 
program data, at the step of downloading the identification code is transmitted to 
the key server, and at the step of distributing a decryption key the identification 
code is employed by the key server to search for a decryption key that is used to
decode the program data. 

16. A program data distribution system for use with an open network comprising: a 
manager for issuing an identification code corresponding to program data, an 
encryption key which is used to encrypt said program data and a decryption key 
which is used to decode the program data encrypted by the encryption key; a file 
server, connected to said open network and holding distribution rights for the 
program data based on a contract with said manager, for encrypting program data by 
the encryption key issued from the manager and distributing the encrypted program 
data along with the corresponding identification code; a key server, connected to 
said open network, and independent from the file server, for distributing the 
decryption key issued by said manager; and a terminal, connected to said open 
network, for receiving the encrypted program data along with the corresponding 
identification code from the file server, and obtaining the decryption key 
corresponding to the identification code from the key server to decode and process 
the encrypted program data. 